Under the Radar

Under the Radar 13: External Dependencies


  welcome to under the radar a show about

  independent iOS app development I'm

  Marco Arment and I'm David Smith under

  the radar is never longer than 30

  minutes so let's get started so today we

  wanted to unpack the situation that

  occurred I guess it was the end of our

  beginning of this week end of last week

  something like that where parse a fairly

  widely used platform for app backends

  design announced that they will be

  shutting down and the while the actual

  situation and the nuances of that aren't

  particularly like generally applicable

  they're interesting the actual sort of

  the fundamentals of that of having this

  big general-purpose flat platform that

  was used by lots of apps finally

  shutting or deciding it was going to

  shut down has a lot of knock-on effects

  that are probably worth unpacking before

  we dive into that app robbing sense to

  just sort of talk about what parse was

  and so parse was this platform that made

  and relatively easy to make a back-end

  for your application that would do

  object persistence user management

  things like that like a very basic

  high-level like non specific to a

  particular industry back-end sort of

  system that a lot of apps could use and

  it had fairly attractive pricing and

  including a free tier which is always a

  bit of a trap for these kinds of things

  where you can say oh we can use it for

  free and if our app gets really

  successful then we only then what we

  have to pay an advantage a couple years

  ago was bought by Facebook which it made

  everyone who is using it kind of happy

  because oh now it's not this sort of

  fly-by-night thing it's backed by you

  know this major corporation but now it's

  ship being shut down Facebook has

  decided that that's not something that

  they want to invest in and continue to

  maintain and so a year from now they are

  going to be turning it off they're doing

  it pretty well like they're getting a

  year's notice and a bunch of migration

  tools but at the end of the day this

  thing that I've heard varying reports

  but you know at least I think it's fair

  to say a quite a lot of apps make use of

  at least in part he's just gonna be

  turned off and as a result the apps that

  use it if they haven't been updated or

  migrated are just going to stop working

  and that's kind of tricky yeah I think

  one of the weird things about this is

  like you know kind of ties back to app

  economics where

  in order for these apps to continue

  working it has to be worth their

  developers time and and their developers

  have to have the budget to now do a

  noticeable update and you know they've

  made it relatively easy they've released

  big parts of their service as open

  source that you could just install at

  any server microsoft azure has started

  trying to attract people to migrate to

  them and they're making a little bit


  so there are migration options here that

  aren't gonna be incredibly work heavy

  but it is still work you have to still

  do an update there are going to be

  things you have to change and rewrite

  and so it has to be worth that happening

  by the by the apps developers so if

  you're relying on an app that uses this

  that hasn't updated in a long time that

  might never be updated for this it might

  never be worth somebody's time to update

  it and that's unfortunate and that that

  is going to cause a lot of problems in

  the app stores these apps was kind of

  slowly you know collect 1 star reviews

  and stopped working and and they just

  kind of live as zombies forever yeah and

  so as developers when I see something

  like this like I said like the a the

  specifics of the PAR situation are sort

  of inch vaguely and or like

  intellectually interesting but aren't

  actually practically that interesting

  but what it makes me think about is it

  makes me evaluate the dependencies that

  I have in my own apps and as I build

  apps and increasingly a fewer and fewer

  of the things that I've built have no

  web component whatsoever because the

  feel seems like these days like you're

  gonna need some kind of back-end for

  your application either something like

  parse or you know that's sort of like

  off the shelf or something you build

  yourself and you're probably gonna need

  these for at least one of three reasons

  like you're gonna need some kind of your

  apps probably going to do something

  back-up related or people are if they're

  people are putting any amount of data

  into your application they're probably

  going to want to be able to have it

  backed up and this is something that for

  a long time I used to ever say oh I rely

  on like the iTunes iCloud backup system

  but that is all kinds of problems and

  issues that you'll run into where like I

  have a recipe manager and I ran into

  issues where like their recipes were

  fully backed up in like the latest

  backup that they did but they

  accidentally deleted the app and so now

  the only way they

  get their recipes back is to do a full

  restore of an old backup on to their

  device potentially destroying newly like

  newer data on in other apps and things

  like it's a mess so you wanna be able to

  backup your data or you want to be able

  to sync your data between different

  devices so you'll need some kind of

  back-end to do that or you just have an

  app that has like a core service like

  obviously like I imagine an overcast you

  need a back-end or this you're like a

  lot of what you do wouldn't work if you

  didn't have some kind of back-end to run

  for it oh sure I mean you know there are

  podcast apps that don't use server-side

  backends like as intermediaries and just

  crawl feeds directly and everything but

  that's not how I built mine and and it

  affords me a bunch of advantages to have

  done it the way I do it but now I have

  this big dependency I'm on my surface

  yeah and I think ultimately like that's

  the right word like at the end of it

  building these backends that are maybe

  they aren't always required but are

  going to be required in a lot of cases

  like the biggest thing that I think this

  situation is instructive for is making

  us aware of the things that were

  dependent on and that our apps are

  dependent on because we're always gonna

  be dependent on something it seems like

  there's no way to really say like ok I'm

  gonna be completely independent because

  ultimately you're gonna be like I'm very

  reliant on Apple for example and iOS

  like if if Apple announced you know

  tomorrow that hey we've decided you know

  this iOS thing isn't really working out

  we're just gonna turn it off like we're

  just gonna stop making iPhones I'm not

  saying it's likely but if they did my

  apps would stop working like in the same

  way that if parse decide you know to

  going away meant that absolute relied on

  it go away like or maybe a more

  practical example for like i-4 on the

  Apple side of things as if they decide

  like you know what cloud kit isn't

  working out we're gonna turn that off or

  those types of things or like I rely on

  my hosting provider I post all my own

  all my Linux servers online out and you

  know if they decide they're gonna go out

  or they go out of business or they

  decide they're not gonna do the kind of

  hosting that I need anymore

  suddenly like I'm in a big bit of a bind

  and so like there's no way to avoid

  being dependent you're always dependent

  on something

  but like you can there's a lot of

  dependencies that you kind of have some

  choice in like do i want to be so wed to

  a particular platform or back-end or

  system or do i want to be a bit more

  flexible and do you know Bujji it ends

  up like the more custom you make it and

  how much of it you control you're gonna

  have more like Portability and be able

  to be like you know if this particular

  host goes away I can just get another

  one and your how to be able to look at

  the trade-offs and make more choices

  than if you're just all in on one thing

  that's when you start to get a little

  bit awkward yeah and that's why I like

  the the selection of what you depend on

  this this is why I'm usually very

  conservative with these you know

  obviously I try to minimize how many

  external services and companies and

  things I depend on but you know the

  betterment something as you said this is

  why I always try to choose as

  conservatively as possible so like yeah

  Apple could shut down the entire App

  Store and that would that would really

  be disruptive for us but that's very

  unlikely like the apps the app stores

  continued success is pretty important to

  Apple as well so I've aligned my

  incentives with this now pretty old and

  pretty important thing to its parent

  company that like it is very unlikely

  that Apple's Apple will do that and

  that'll be a problem for me

  Facebook shutting down parse this thing

  they bought did not have that kind of

  luxury like if you were a parse customer

  six months ago you're like looking

  evaluating this this dependency Facebook

  it isn't that important to Facebook to

  keep this running so that this this was

  foreseeable that like this was a high

  risk of happening that this company made

  this service it got big got bought the

  parent company didn't really depend on

  its continued operation for their core

  strategy so this was always gonna be a

  risk right so you know if if Linode I

  know however we're supposed to be

  pronouncing it I sale I know do you sale

  I know they say Linode if if that

  particular Linux VPS host gets shut down

  well that's unlikely because they're

  really big and they're they've been

  around a while but even if that happens

  migrating away from that is not that big

  of a problem because there are other

  Linux VPS hosts just like it and they

  and if if every Linux VPS host went away

  you could get a Linux server somewhere

  that behaved very similarly you know if

  every Linux server provider went away

  you could add as a last ditch run one in

  your house like you shouldn't but you

  could like in this so like the the

  transition options away from something

  are also very important like parse

  shutdown they did a decent thing here

  where they they open sourced a big part

  of their of their server and made it

  like installable on your own stuff but

  what if they didn't do that lots of

  things shut down and never do that

  because they just either can't or won't

  or don't feel like it so you know if

  let's suppose suppose you depend on an

  Amazon Web service for your business and

  Amazon shuts that down most of the time

  that is very hard to replace because

  they are so custom and proprietary you

  can't just kind of do your own thing if

  you dependent on any kind of like high

  level service like this then it is it is

  always a risk the the more like custom

  and proprietary and high level something

  is the risk of it being hard to replace

  if it ever does go away increases yeah

  and I think that's ultimately probably

  like the enticement and why it's this

  weird tension that you find yourself in

  as you're developing a service or as

  you're thinking about a feature you're

  saying like if I do it with this high

  level can't like constructor that this

  company's providing I can save myself a

  lot of time upfront because I'm not

  having to build that again you know I'm

  saying like if if there's this solution

  that they've come up with that like

  means that you know user authentication

  it's just like a thing that I can just

  ruff like plug into my app and it

  handles all the give a secure password

  storing and email resets and all that

  kind of stuff like say there's a service

  that does that off-the-shelf like that's

  you know days weeks months of time that

  you weren't spending building that thing

  that instead you're just kind of more

  integrating directly into your

  application and so like it's enticing

  and like you're getting this enticement

  at the benefit of that upfront time but

  it's sort of at the detriment of this

  this risk that you're increasing in your

  application and

  maybe that makes sense like if you're

  just kind of prototyping something and

  throwing it out there or you aren't in a

  situation that's very time limited that

  you have to you know you if you don't

  ship your app in a month it's you're

  gonna miss some kind of market window or

  opportunity that or like that's the only

  amount of like you just have that much

  money to make a run at it and you just

  kind of have to then great like it's

  there's nothing bad about those types of

  things but it's this weird tension that

  you're finding of like because you're so

  locked in at that point you're setting

  yourself up for difficulty down the road

  because it's not necessarily like you're

  it's like short-term benefit and like

  long-term pain because you know

  developing it yourself there's also

  long-term pain it's a different kind of

  pain but like you have to then be the

  one who's maintaining it or when

  security issues happen you know you have

  to could be you're the one going in and

  patching your web server or you're the

  Linux distribution you're installing on

  your servers or whatever like you're you

  know at some point there's always the

  long-term challenges with these things

  but the difficult the difference is more

  one of your totally locked in and at the

  whim of whatever that company is and

  unless you're their biggest customer

  which for the kind of people who I

  imagine listen to a show like this

  you're unlikely to be a service

  providers made like biggest customer

  you're just gonna be kind of like rah

  you know sort of wash back and forth

  based on whatever makes sense for them

  and that may or may not be something

  that or a position that you find

  yourself in that you'd be comfortable

  with this episode of under the radar is

  brought to you by hover quite simply

  hover is the best way to buy and manage

  domain names when it comes to buying a

  domain name hover is the first place I

  check now when you have an idea for a

  project naming it can be difficult when

  you finally get that name you want to be

  able to quickly and easily get the

  domains that you need hover provides a

  simple fast and hassle-free method of

  buying domains I don't want to be faced

  with a thousand screens and all these

  add-ons high prices all these like

  custom weird services that seem kind of

  like scams I just want to get in it's

  like what I need buy it and get on with

  my life and building my new idea hover

  makes us very very easy

  their search is very nice it suggests

  things for you if nothing's available

  they can search all the TL DS all the

  crazy new ones in addition to all the


  and they have dot-com domain starting at

  just $12.99 a year great prices on all

  the other ones as well all these include

  Whois privacy for free with every hover

  domain because they believe that you

  shouldn't have to pay extra for

  something like that that's you know

  obviously you want to keep your private

  information private that's one have

  fantastic customer support if you want

  to call them they have a no hold no wait

  no transfer telephone support policy

  when you call them you talk to an actual

  human being not a robot not a menu you

  don't have to say like operator like the

  stupid speak menus it's a real human

  being you can just talk to directly they

  pick up the phone and if you do of

  course prefer the robots they also have

  great support documents and support

  guides and their website for getting

  everything you need and you can email

  them as well if you'd like and they also

  have a valid transfer service where they

  can take all the hassle out of switching

  from your current provider so because

  they do it all for you you can just give

  them your login to your old provider and

  they will transfer names for you if

  you'd like all that for free of course

  they have so much more great stuff they

  have volume discounts they have custom

  email addresses storage and forwarding

  and so much more stuff check it out

  today at hover.com

  use code perspective at checkout that is

  once again code perspective at checkout

  and you will get 10% off your first

  purchase at hover comm and you will show

  your support for under the radar and all

  of real afm thank you very much to hover

  for sponsoring this episode so it seems

  like we should probably also dive now

  dive into kind of like what we do how we

  approach this because I think we both

  have found ourselves at the end of the

  like the thought process on how we

  should bake backends for our servers

  with the like well we're gonna build

  them ourselves and we're gonna build

  custom applications running on you know

  Linux VPS is that we use and probably

  worth saying why we kind of do that I

  mean to me it's it's you know first of

  all it's all about control for me I'm a

  control freak and I want to do

  everything myself and I want I want I

  want everything to be under my control

  because I don't want to have major parts

  of my roadmap dictated by a dumb change

  in my host that oh all of a sudden this

  entire thing I depend on is shutting

  down and I got to change that like you

  know Apple give us enough of those

  things we don't you know the with like

  new device releases and everything but

  those are you know kind

  an unavoidable part of working with

  Apple but when it comes to running your

  services you control a lot more of that

  and you can avoid those things and so I

  love that part of it and for me it's

  also it's also a lot about capability

  and and cost in a low cost and and and

  just being able to do a lot cloud kit is

  very appealing in a lot of ways and if I

  was making the new app today I would

  think very hard about how about whether

  I could just do it all in cloud kit and

  whether that'll be the right move for me

  but it is still limited in what it can

  do what it can't do

  and and so for me like a website or like

  a regular Linux back-end is the default

  for me I know how to do it it really

  isn't that hard which we'll get into in

  a little bit it really isn't that hard

  and it's it is surprisingly capable for

  surprising little cost yeah exactly I

  think there's the reasons are fairly

  similar for me like I like I think the

  thing that I like most is being able to

  tailor the backend of my application to

  not necessarily the application but it's

  tailored to the way that I think and the

  way that I solve problems in the way

  that I'm thinking about like the

  problems that are being solved in my app

  so when I'm dealing with something like

  sink like the generic term for like one

  of the hardest problems in computer

  science I like that I can like so I'm

  solving that problem in a way that makes

  sense to me that I'm not having to kind

  of shoehorn my application in the way I

  think about it into the model that a

  service provider provides and they say

  like well you know we handle conflict

  resolution using like last last updated

  wins or something like that and like

  maybe that works maybe it doesn't

  and so when you build your app builder

  yourself like I actually understand it

  like I have to go I've gone through and

  I've made the decisions at the various

  levels of like well I want this to work

  this way I want this to work that way

  and so then down the road when I'm

  debugging something and I have a better

  understanding of how how I expected to

  work and when things go wrong I have a

  sense of where they're made might be

  going wrong like is this an app problem

  is this a web service problem and like

  ultimately it probably also just like

  makes my apps better and makes me a

  better program

  like having this breath of experience

  that at this point like I can build

  something all the way from like the UI

  and the application the business logic

  inside of the application and then all

  the way through to like the you know

  then the web service that's managing

  that information and a database at the

  back that's storing that information

  like having being able to do all those

  things is just like good for me from a

  career and personal development

  perspective like I've learned to solve

  more problems doing it this way that

  ultimately I think makes me a better

  developer like I write less my apps are

  probably better because they're the kind

  of calls they're making like I know what

  the server is trying to do with those

  calls and so you don't end up just like

  well this is like the naive obvious

  solution I'll just kind of throw all

  this data at the server or I'll hey let

  me just ask for all of it every day all

  the time and because if the servers are

  overwhelmed that's not my problem like

  those are things that ultimately

  probably make my apps better and like

  you were saying it is kind of crazy how

  inexpensive it is to do a lot of these

  things now like just with a lot of my

  things are just backed by like two or


  you know VPS is that cost I mean like at

  a basic one it's like $20 a month

  there's something like that twenty forty

  dollars a month like for a lot of my

  applications I end up spending you know

  maybe it's $100 a month in in servers

  and that's really not too bad for the

  can of capability in the throughput and

  the number of users that you can support

  even with just at that level oh yeah I

  mean evenly the twenty bucks a month

  server level on a modern host like line

  out or digitalocean you can get so much

  for this for this money now and when

  you're using boring old fast tools like

  MySQL or Postgres and you're you have

  like a modern web language in front of

  it you know you have even in the old

  ones PHP Ruby you know like Python or

  more recently you might have like go you

  know these these are so fast you can do

  so much you can support so much usage

  it's way more than you think because now

  you know you have these modern

  processors doing the virtualization you


  ssds on almost all these hosts now it is

  incredibly fast to do and so like you

  you really can support a lot on very

  little hardware yeah and I think

  ultimately that makes it a lot easier

  like it's there the hardest problems

  I've ever had to solve like the only

  time I kind of regretted doing backends

  myself is they were the early days of

  feed Wrangler my RSS sinking system

  which like I was doing stuff that in

  retrospect was really foolish and was

  just crushing my database like it was

  just my Postgres database was just

  constantly dying and falling over and in

  retrospect it was because I was being

  you know deserves I've made a few really

  bad assumptions upfront but even there

  like that's the only time I've ever

  really had to do any low-level

  performance tuning of any of my

  applications otherwise just out of the

  box things are just fast and work and

  it's fine in a way that like it would be

  problematic if I you know if I really

  needed to be like a database

  administrator like a serious like you

  know DBA whatever they call them these

  days like doing that kind of work but

  most of the times I just like install

  Postgres with the defaults you know

  tweak a few things how the way I like it

  and then it's fine and it just runs

  quickly enough for you know that my

  users don't even really notice any kind

  of performance issues or problems yeah I

  mean like you might think if you've if

  you haven't done this before or if the

  last media this was like 10 years ago

  you might think that running servers

  requires lots of like low-level tweaking

  and performance tuning and getting these

  right config variables to like exactly

  the right buffer size and everything and

  you don't really need to do that anymore

  that's very very rare for most people

  need to get that that down into the

  nitty gritty stuff it really is like as

  you said that you can just install these

  things with the defaults and usually

  you're fine

  that's usually what you need to do

  because everything is just so good now

  there's so much Headroom the software is

  very mature and a lot of these things

  and and the hardware isn't very mature

  to so it you really get a lot of weight

  with just the defaults now and I think

  if you think one thing that I was kind

  of looking forward to when we got it got

  into this topic is you said you had a

  few little pro tips for getting into

  this kind of administer

  because I think it is it can be a little

  bit intimidating to it's like you know

  like go and install Linux even then you

  starts like well what version of Linux

  what should I do

  how to get started and it's remember a

  bit being a little intimidating but at

  least like what the fun thing is once

  you get going like there's tremendous

  resources and you can just kind of get

  going and once you know it you know it

  because this stuff doesn't really change

  yeah basically like Google is your

  friend you know not not the corporate

  structure but you know the search engine

  its SEC overflow like all these things

  these are your friend because lots of

  people have been running Linux servers

  for years and as you said the tools and

  the commands and what you need to do

  doesn't change very often usually

  typically that you learn this stuff like

  once and you have to learn something new

  maybe every two years like it's it's

  pretty it's pretty stable it doesn't

  change much so number one tip I can give

  is to pick a very popular but somewhat

  conservative Linux distribution to do

  this with four years I recommended sent

  to us which was basement right Hat

  Enterprise Linux I think today I think

  Ubuntu might have more momentum behind

  it so I actually just I just managed my

  first Ubuntu server recently and it's

  it's things are a little bit different

  but I was able to figure it out

  so between sent OS and Ubuntu you can't

  really go wrong turn on auto updates for

  as much of a system software as it makes

  sense to do that for usually every major

  district has a way to do this it's very

  straightforward that will take care of

  most security problems for you if you

  basically are not an idiot which you're

  not trust me you know if you're not an

  idiot and if you leave things mostly at

  their defaults with the distro and what

  it comes with modern Linux distros are

  very secure by default because they know

  that that matters like the default

  matter so they've all adopted pretty

  conservative and pretty secure defaults

  for the most part keeping things updated

  automatically is very easy and things

  like that on a other high level stuff

  only run the software that you need to

  be running and they're all very good at

  letting you manage this so like if you

  have a server that you have your website

  on don't also install like well let me

  install FTP so I can like trade files

  with my friends like no just leave that

  off that's just of just a liability it

  just don't do that

  you know install what you need to

  install and if you want to play around

  with different things you can create a

  second VPS for like five or ten bucks a

  month and play around on that don't play

  around in your main servers run only

  what you need to be running on them take

  advantage of the built in isolation in

  Linux machines especially with regard to

  networking almost every service that

  you'll be running will have some kind of

  like listening port where you can say

  alright this database should listen on

  this interface on this port if you only

  have one server make this make the

  internal stuff listen on localhost so

  that you can't log into MySQL from

  outside like you shouldn't need to do

  that anyway you should be doing things

  on the server if you need you know

  management stuff lock that down if you

  have multiple servers use use private

  networking every host that's worth their

  salt support the private networking

  between your between your own machines

  so if you have multiple servers need to

  talk to each other have them talk to

  each other only over private interfaces

  have things like MySQL or memcache

  listen-only on private or our local

  interfaces that helps a lot just make it

  don't don't rely on like being your

  password secure make it so that

  passwords don't even work from the

  outside so that also applies to things

  like SSH when you're doing login remote

  login so disable root logins once you

  have a user set up had that user have

  sudo access with the password and then

  that user account that you're logging in

  as say you're logging in as David make

  that the only user that can log in via

  SSH and make that key authentication

  only disable password authentication in

  SSH this is very simple stuff to do you

  can Google how to do it so that right

  there you have no way to log in with a

  password you have to have the the

  encryption key to log in that knocks out

  massive you know brute force

  possibilities and everything that helps

  so so much between that and private

  networking for private services you

  really eliminate a lot of problems now

  moving on slightly to user data collect

  as little user data as possible to get

  your job done because worst case

  scenario somebody hacks into your server

  worst case scenario they take your

  database what do they have think about

  it when you're designing your when

  you're designing your database you're

  designing your service what information

  do you really need from people and what

  can you get away with not having

  if you don't need to get people's email

  addresses don't get their email

  addresses if you like if you're taking

  passwords from people hash those so that

  you know people aren't getting like just

  the md5 like for God's sake don't do

  that like you know use secure password

  hashing like be Krypton strong settings

  there is lots of good practices for this

  lots of things to tell you how to do

  this I've considered even for overcast

  like I do have the email addresses for

  people because I figure yeah I need to

  be able to I have email addresses and I

  have hashed passwords with a strong

  bcrypt but I'm like I've been thinking

  recently do I even need the email

  address could I could I have that too

  cuz then then you have like if you steal

  my database you just have no email

  addresses like that would be amazing and

  I was thinking like the only if you hash

  the email address so it works just like

  that you like the password basically

  then you could still have logins you can

  still have password resets the only

  thing you really can't do is I can't

  like email people randomly out of my

  database but I've never done that I

  don't send a newsletter I don't do it

  like I don't do any that stuff so you

  know stuff like that

  think about just like what data you have

  what you're collecting and what you can

  afford not to collect simple security

  measures beyond that you know you should

  have database backups you should also be

  encrypting those backups there's

  built-in stuff there's a crypt command

  you can pipe thar through and everything

  like this really simple stuff on unix to

  do all this very securely make sure

  though that you are testing these

  backups make sure you can decrypt them

  it's so that's very important don't

  store the encryption key only on the

  server because then if that server gets

  wiped or gets lost or whatever you've

  lost your data and your backup

  decryption key that's no good one

  strategy I employ there is I write my

  database backups I copied them onto a

  write only s3 account so like the the

  account the credentials that are on the

  machines can only write to the bucket

  they can't read or delete from it so

  that way if somebody hacked into the

  machine they can't also go and delete on

  my backups so I have a separate you know

  separate credentials that I can that I

  can pull the backups off of there and

  restore that never live on my servers

  those those stay like with me and my

  personal documents those never live on

  the servers so you know keep things as

  secure and separate as you can just by

  design like this and that's really about

  it for basic security stuff it really is

  not as

  as you think and you don't have to do

  very much you don't have to like

  constantly keep on top of your servers

  and be constantly baby suddenly for the

  most part you set it up and it basically

  runs itself and if you set it up with

  sensible default using conservative

  software and some basic security

  settings like what I've said here

  you can be pretty much fine yeah exactly

  and I think that it's the kind of thing

  that if you can't do this kind of thing

  and if like if everything that Marco

  just ran through like is complete

  gibberish to you like you should

  probably do something about that it's a

  good it's an important skill to be a

  developer to understand some of these

  basics they sort of like the

  fundamentals that run the internet like

  you should understand what this is and

  you know just sort of take control of

  that and you know I just I just get a

  five-dollar like VPS somewhere and start

  messing around and start seeing you know

  learning cuz that's how most people even

  people learn this stuff you just start

  doing it and you get better at it

  alright we're out of time this week

  thanks for listening everybody and next

  week we're gonna go into a little more

  detail about our server setups lessons

  we've learned and how to minimize the

  workload we'll see you next week okay